Now we will admit we’re a bit disappointed from this tip. Don’t get us wrong, the distro looks like it’s well done, and we’re sure there are a lot of folks out there who will be happy to have these tools to help test their network security. But this is a software only hack and we were expecting to see a nice little covert package that could be plugged into an outlet (SheevaPlug style), or a battery-powered module that can be plugged into an Ethernet port and hidden away.

Post navigation

28 thoughts on “Penetration testing with the Raspberry Pi”

Seems the PwnPi site has been HackaDayed: very slow to load. My argument against a black box/hat approach with the Pi is that it is over kill. The WR703N is good enough, and cheaper (in case you lose it!). And it comes in a box!

Hopefully, the wait to get a display with HDMI ports (or converter for current displays owned to HDMI) will be significanlly less than the wait time for the RasberryPi from what ever “announcment”/order date for the RasberryPi used. :)

Indeed, moreover, when in ssh, install a VNC server, such as TightVNCServer, enable it, and access the RPi desktop from a remote computer.
Personally, I’m using my RPi everyday without keyboard, mouse or display: all remote.
My RPi is running Apache WEB server, PHP5 and MySQL. Samba is also up, making RPi a cloud server for the house. No need for speed for these apps. Therefore, 3 Watts are good enough!

Sort of. These tasks take a lot of time. Even on high end consumer systems I often don’t rise to more than 4k tries per second.

A raspberryPi would be best used as a go between, use something with more power elsewhere.

But all this is missing the main point of security: if you can get this thing on the network, you already have physical access to the network. If you have physical access to the network, then why do you need this particularly to gain access.

Physical security and network security go hand in hand. I am sitting here at work and I can see a few of the neighbors networks. I could be running reaver on my laptop and the neighbors wouldnt have any idea until their DHCP list shows a system they dont recognize.

put it on a RC car and drive it to the secure location for wireless network hacking. Once into the network, load a backdoor app so you can connect from anywhere! you know for security testing….nothing malicous ;)

hmm…thinking solar panel, gps, PwnPi….probably get it run over or stolen….okay never mind.

Install Reaver on it and it won’t really need that much processing power to crack WPS. As compared to dictionary attacks(which only has a 100% or 0% chance of cracking), WPS has a much much more chance of cracking a network (about 90% of the time depending if the router’s WPS is turned on, and is probably turned on, on most AP’s). The speed of cracking WPS depends on the AP itself, so it doesn’t really matter if you’re using a Raspberry Pi or a full fledged computer.